File sec.changes of Package sec
-------------------------------------------------------------------
Fri Nov 1 20:04:47 UTC 2024 - malcolmlewis@opensuse.org
- Updated to version 2.9.3:
* Added support for built-in action list variables %.chr32, ...,
%.chr255 that are set to ASCII 32..255 characters.
-------------------------------------------------------------------
Sat Jun 3 16:35:33 UTC 2023 - malcolmlewis@opensuse.org
- Updated to version 2.9.2:
* Starting from this version, list of event occurrence times that
correspond to event group string tokens is passed to PerlFunc
and NPerlFunc event group patterns as an additional parameter.
- Add build requires on systemd-rpm-macros.
- Removed unused conditionals for old releases as no longer needed.
-------------------------------------------------------------------
Wed May 4 16:25:15 UTC 2022 - malcolmlewis@opensuse.org
- Updated to version 2.9.1:
* Added support for 'egtoken*' fields in EventGroup rules.
* Starting from this version, list of event group string tokens
is passed to PerlFunc and NPerlFunc event group patterns as an
additional parameter.
-------------------------------------------------------------------
Mon Nov 29 16:05:44 UTC 2021 - malcolmlewis@opensuse.org
- Updated rulesets to version 20211119:
* SecJson.pm updated.
- Add full download URL for rulesets.
- Remove obsolete version checks.
-------------------------------------------------------------------
Thu May 13 03:22:38 UTC 2021 - malcolmlewis@opensuse.org
- Updated to version 2.9.0:
+ Added support for 'cmdexec', 'spawnexec', 'cspawnexec',
'pipeexec' and 'reportexec' actions.
+ Added support for 'shell' field in SingleWithScript rules.
+ Added support for 'egptype' and 'egpattern' fields in EventGroup
rules.
+ Added support for %.sp built-in action list variable.
+ Added ipv6 support for 'tcpsock' and 'udpsock' actions.
+ Bugfixes for 'write', 'writen', 'owritecl', 'udgram', 'ustream',
'udpsock' and 'tcpsock' actions (exceptions from syswrite() and
send() are now handled, and 'ustream' action no longer blocks on
Linux when peer backlog queue is full).
+ Improved socket handling routines.
+ Improved error reporting for invalid command line arguments.
+ Starting from this version, a program provided with
--timeout-script command line option is executed without shell
interpretation.
+ Starting from this version, SEC uses Perl JSON::PP module instead
of JSON module (JSON::PP is included in the standard Perl
installation).
- Update rulesets and drop get from git script as rulesets are now
released.
-------------------------------------------------------------------
Sat May 2 18:32:47 UTC 2020 - malcolmlewis@opensuse.org
- Updated to version 2.8.3:
+ Added support for collecting rule performance data and the
--ruleperf and --noruleperf command line options.
+ Improved dump file generation in JSON format (some numeric
fields that were reported as JSON strings are now reported as
JSON numbers).
- Update copyright year(s) in spec file.
-------------------------------------------------------------------
Sun Jun 2 14:37:21 UTC 2019 - malcolmlewis@opensuse.org
- Updated to version 2.8.2:
+ Added support for 'varset' action.
+ Fixed a bug where reference to $:{cacheentry:varname} match
variable for non-existing pattern match cache entry would
create an empty entry.
-------------------------------------------------------------------
Wed Oct 3 12:48:28 UTC 2018 - malcolmlewis@opensuse.org
- Updated to version 2.8.1:
+ Fixed a bug in dump file creation routine (a perl warning
message was written to standard error if --dumpfjson command
line option was used without Perl JSON module being present).
-------------------------------------------------------------------
Thu Aug 30 15:05:40 UTC 2018 - malcolmlewis@opensuse.org
- Updated to version 2.8.0:
+ Added support for dynamic input files, and 'addinput' and
'dropinput' actions for managing dynamic inputs.
+ Added support for signal emulation and 'sigemul' action.
+ Added support for 'setltime' action.
+ Starting from this version, the 'lcall' action supports the
:> operator.
+ Added support for $+{_intcontext} match variable.
+ Improved input file rotation handling.
+ Improved action list parsing.
+ Bugfixes for 'setwpos' action.
+ Added support for creating dump files in JSON format, and
the --dumpfjson and --nodumpfjson command line options.
- Updated example rulesets.
-------------------------------------------------------------------
Tue Dec 12 21:49:55 UTC 2017 - malcolmlewis@opensuse.org
- Updated to version 2.7.12:
* fixed a bug in context expression parsing routine and improved
the logging of parsing errors.
- Add get_rulesets_from_git.sh to sources to pull direct from git.
- Update spec file for compat macro for new _fillupdir macro and
spec file clean up.
-------------------------------------------------------------------
Tue Feb 7 16:23:08 UTC 2017 - malcolmlewis@opensuse.org
- Updated to version 2.7.11:
+ Added support for the --user, --group and --umask command line
options.
+ Starting from this version, SIGPIPE signal is ignored globally
in all parts of the code.
+ Improved the handling of SIGTERM signal.
+ Optimized IO routines, signal handling and exit status
collection for child processes.
+ Improved command line parsing and error reporting.
+ Changes in rule parsing routines (only ASCII digits are allowed
in numeric rule fields).
+ Starting from this version, the default value for the
--blocksize command line option is 8192.
+ Fixed a bug in the code which checks the status of TCP sockets.
-------------------------------------------------------------------
Mon Jun 20 18:36:47 UTC 2016 - malcolmlewis@opensuse.org
- Updated to version 2.7.10:
+ Added support for built-in action list variables %.chr0, ...,
%.chr31 that are set to ASCII 0..31 control characters.
-------------------------------------------------------------------
Tue Mar 8 19:01:57 UTC 2016 - malcolmlewis@opensuse.org
- Updated to version 2.7.9:
+ Added support for built-in action list variables %.nl, %.cr and
%.tab that are set to special characters, and time-related
built-in action list variables %.sec, %.min, %.hour, %.hmsstr,
%.mday, %.mdaystr, %.mon, %.monstr, %.year, %.wday, %.wdaystr,
%.tzname, %.tzoff and %.tzoff2.
- Updated homepage Url and source download link.
-------------------------------------------------------------------
Sat Nov 28 15:19:39 UTC 2015 - malcolmlewis@opensuse.org
- Updated to version 2.7.8:
+ Added support for the --dumpfts and --nodumpfts command line
options.
+ Added support for the 'assignsq' action.
+ Starting from this version, SEC_PRE_RESTART, SEC_PRE_LOGROTATE,
and SEC_PRE_SOFTRESTART internal events are generated before
processing SIGHUP, SIGABRT, and SIGUSR2 signals.
+ Starting from this version, the default value for
--keepopen/--nokeepopen command line options is --keepopen.
-------------------------------------------------------------------
Tue Feb 24 15:08:38 UTC 2015 - malcolmlewis@opensuse.org
- Updated to version 2.7.7:
+ Added support for the 'writen', 'closef', 'closeudgr',
'closeustr', 'closeudp' and 'closetcp' actions.
+ Starting from this version, the default value for the --bufsize
command line option is 0 (detect appropriate input buffer size
automatically).
+ Starting from this version, the default value for
--jointbuf/--nojointbuf command line options is --nojointbuf.
- Update spec file to fix shadowed initscript warning so can still
build for SLE 11 target.
-------------------------------------------------------------------
Tue Jul 15 18:28:51 UTC 2014 - malcolmlewis@cableone.net
- Updated to version 2.7.6:
+ Added support for the 'cspawn' and 'cevent' actions which allow
for generating synthetic events with custom internal contexts.
+ Fixes for logging the execution of 'shift' and 'pop' actions.
+ Starting from this version, warnings are produced for duplicate
keywords in rule definitions.
- Drop sec-fix-sysconfig-parsing.patch as this has been merged
upstream.
-------------------------------------------------------------------
Fri Jan 24 05:36:19 UTC 2014 - malcolmlewis@opensuse.org
- Updated to version 2.7.5:
+ The continue* rule parameters accept 'EndMatch' as a value.
- Updates from version 2.7.4:
+ Added support for the 'owritecl' action.
+ Added support for the --childterm, --nochildterm, --rwfifo and
--norwfifo command line options.
+ SEC_LOGROTATE internal event is generated on the reception of
SIGUSR2.
+ The --notail option implies reading from input pipe until all
writers have closed the pipe (in previous versions, --notail
closed the pipe when no data were available for reading).
- Add sec-fix-sysconfig-parsing.patch: Fix error in parsing of
SEC_OPTS to sec (bnc#855507).
-------------------------------------------------------------------
Thu May 30 22:36:19 UTC 2013 - malcolmlewis@opensuse.org
- Update to version 2.7.3:
+ Sockets created by 'tcpsock', 'udpsock', 'ustream' and
'udgram' actions are managed in a better way, allowing for
timely detection of peer shutdowns and restarts.
+ Improvements to 'write' and 'spawn' actions.
+ Process interactivity check is now done with POSIX system
calls.
+ A bugfix in the variable substitution routine for handling
${number} variables properly.
+ Man page updated.
-------------------------------------------------------------------
Fri Apr 12 17:01:17 UTC 2013 - malcolmlewis@opensuse.org
- Update to version 2.7.2:
+ Fixed a bug in the parsing of the 'rewrite' action.
-------------------------------------------------------------------
Mon Apr 8 17:30:54 UTC 2013 - malcolmlewis@opensuse.org
- Update to version 2.7.1:
+ Added support for the 'udgram', 'ustream', 'udpsock' and
'tcpsock' actions.
+ Changed the behavior of the 'write' action -- instead of
opening and closing the file on each access, 'write' now keeps
the file open across writes.
+ Added support for the --socket-timeout command line option.
-------------------------------------------------------------------
Thu Feb 28 18:20:17 UTC 2013 - malcolmlewis@opensuse.org
- Update to Version 2.7.0:
+ Added support for the 'if', 'while', 'break', 'continue',
'prepend', 'pop', 'shift', 'exists', 'getsize', 'getaliases',
'getltime', 'getctime', 'setctime' and 'free' actions.
+ Added support for varset and :> operators in context
expressions.
+ Added support for $:{cacheentry:varname} match variables which
refer to variables from previously cached matches.
+ Starting from this version, PerlFunc pattern can set named
match variables.
+ Starting from this version, the 'set' action does not change
the context lifetime if '-' is specified for lifetime.
+ Changed the dumpfile format to highlight frequently matching
rules.
-------------------------------------------------------------------
Fri Jan 27 03:28:51 UTC 2012 - malcolmlewis@opensuse.org
- Updated to Version 2.6.2:
+ Added support for the --jointbuf and --nojointbuf command line
options.
+ Added support for the 'rewrite' action.
+ Starting from this version, 'eval', 'call' and 'lcall' actions
set the output variable to 'undef' if no value is returned
from Perl code.
- Dropped sysconfig.sec, sec.init and sec.service as these have
been added upstream.
-------------------------------------------------------------------
Mon Jan 16 18:44:11 UTC 2012 - malcolmlewis@opensuse.org
- Updated to Version 2.6.1:
+ Added support for the $+{_inputsrc} match variable.
+ Added support for the --keepopen and --nokeepopen command line
options; also, dashes can be used instead of underscores in
all option names.
+ starting from this version, Calendar rules are processed
immediately after SEC startup procedures.
- Updates from 2.6.0:
+ Added support for the EventGroup rule.
+ Starting from this version, the Calendar rule accepts a year
condition in the time specification.
+ Added support for 'lcall', 'getwpos' and 'setwpos' actions.
+ Added support for the named match variables and variable maps.
+ Added Cached and NCached pattern types, and support for
pattern match caching.
+ Starting from this version, all unset or undefined variables
are substituted with empty strings.
- Spec file cleanup via spec-clear.
- Added systemd supoort.
- Update spec file License field from GPLv2 to GPL-2.0 to conform
with spdx.org identifier.
-------------------------------------------------------------------
Mon Nov 15 16:53:24 UTC 2010 - malcolmlewis@opensuse.org
- Spec clean up
- Add example rulesets
-------------------------------------------------------------------
Sat Jul 3 00:00:00 CDT 2010 - malcolmlewis@opensuse.org
- initial build
